+- Discovery Gaming Community (https://discoverygc.com/forums)
+-- Forum: The Community (https://discoverygc.com/forums/forumdisplay.php?fid=4)
+--- Forum: Real Life Discussion (https://discoverygc.com/forums/forumdisplay.php?fid=16)
+---- Forum: Software & Hardware (https://discoverygc.com/forums/forumdisplay.php?fid=17)
+---- Thread: Warning: Webmail may be compromised (/showthread.php?tid=27681)
Warning: Webmail may be compromised - Fletcher - 10-06-2009
It seems a major amount of Hotmail, Yahoo and Gmail account's passwords have been posted on illicit sites.
I recommend changing your password to a Strong Level.
http://www.pcmag.com/article2/0,2817,2353820,00.asp
PC Magazine Wrote:Gmail Also Nailed by Phishing Attacks, Google Says
Over this past weekend the credentials for several thousand Microsoft Hotmail accounts were posted online. Microsoft has confirmed the list was authentic, worked to get it taken down and deactivated the accounts. If your account was affected you can fill out this form to reclaim account access.
Then today Google told the BBC that Gmail had been similarly targeted. The BBC reported that they had seen a list with more than 30,000 names and passwords.
Microsoft says that the Hotmail accounts appear to have been compromised through "a likely phishing scheme," not through any problem in Hotmail. Google's response was similar: "We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including GMail accounts...As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them."
What more is there to say about such problems? Users need to be able to recognize illicit attempts to elicit their account information. The Microsoft blog linked to above has some good, general advice on recognizing phishing scams.
It's also possible for attackers to steal account access if the passwords through other attacks, such as dictionary attacks which attempt to use common words (such as "password") as the password. Brian Krebs of the Washington Post has some good general guidelines on password selection in his report on this attack.
Pastebin, the site on which the Hotmail accounts were posted, is designed for programmers to share source code. Since the news broke of this disclosure, the owner, a completely innocent bystander in this business, has had to take the site down and work, undoubtedly for free, on measures to secure his site against such abuse in the future. I feel sorry for him, at least as sorry as I feel for people who gave up their e-mail passwords unwittingly.
Originally posted to the PCMag.com @Work blog.
Take care, and shuffle those passwords.
Warning: Webmail may be compromised - AJBeast - 10-06-2009
Thanks for the heads up , changing all of them now
Warning: Webmail may be compromised - Virus - 10-06-2009
I wonder if $fhsi#SE4;'^= is a strong enough password.
*changes his password regardless*
Warning: Webmail may be compromised - swift - 10-06-2009
The passwords were stolen from people who were gullible enough to answer e-mails from the "administration" requesting their passwords.
Gotta facepalm a bit.
Warning: Webmail may be compromised - Dopamino - 10-06-2009
Somehow spammers were able to send stuff from my Hotmail address recently. I never give out my password anywhere and I didn't get phished. Scary stuff.
Warning: Webmail may be compromised - Benjamin - 10-06-2009
Yeah I feel bad for the pastebin guy; I use that site all the time.
Warning: Webmail may be compromised - Canadianguy - 10-06-2009
I know a way some get MSN passwords.
They use a website known as MSNblocked or whatever.
Its not from MSN and it ask you your email and password saying "We dont keep them" and the first thing that happen after you enter your infos there is that they use your account to send the link to the website to all your contacts.
Still, my password is pretty darn secure ATM.
I will still change in. No need to take any kind of risk.